Solved

Why can't I connect externally to VPN on one network, but I can with two others?

Posted on 2007-04-09
6
226 Views
Last Modified: 2010-05-18
Hi,
*WORKS* I have set up a VPN server on a Windows 2003 server (std) by following the RRAS wizard, allowing access for a user, and then forwarding port (on the router) 1723 TCP to the server's internal IP. It works just fine. This has one network port and the router is a Linksys. It has both port-forwarding of 1723 to the server and PPTP passthrough enabled.

*WORKS* I did this same thing on another WIndows 2003 server SBS netowork and it works also. This one has one network port and a Microsoft MN-700 router. It has port forwarding enabled for 1723 TCP to the server. (PPTP pass-through is not mentioned in the config screens)

*DOES NOT WORK!* I tried the same thing on a another Windows SBS 2003 server (a third network) and I can not connect. It gets to "Verifying username and password" then says "error 721. the remote computer did not respond". This server also has one network port and has a D-Link DI-614+ router. I tried both TCP 1723 and UDP 500 forwarding to the server.

Thanks for your help.
0
Comment
Question by:jmolhava
  • 3
  • 3
6 Comments
 
LVL 58

Accepted Solution

by:
tigermatt earned 250 total points
ID: 18881061
The 721 error can be caused if you haven't forwarded the GRE protocol (also known as protocol 47) in your router through to the server's IP address. This, as far as I'm aware, handles the authentication for the PPTP VPN, so needs to be forwarded. However, don't get protocol 47 confused with TCP port 47, forwarding that won't do anything. On some routers, it would be enabled by enabling PPTP passthrough, so it could be the D-link router just isn't capable of it.

However, another possibility could be that it is blocked at the ISP, but if your machine manages to find the server and only fails on the verifying username and password stage, it is likely to be the GRE protocol 47 issue.
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 18881073
However (with reference to my previous post) it does say here http://www.dlink.com.sg/products/?pid=20 that it is capable of concurrent PPTP VPN connections. Perhaps there's a check box somewhere to tick to allow PPTP passthrough? If not, just try and see if GRE protocol 47 can be forwarded in the NAT port forwarding settings.
0
 

Author Comment

by:jmolhava
ID: 18883423
I looked into the info you mentioned and also the D-Link page. It's also good to know what the GRE 47 actually does... never really knew other than it was needed.
From the D-Link page: They seem to have a specific way to enable the GRE protocol (just not as obvious as on the other two routers). I will try it later today and post back with the results.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:jmolhava
ID: 18885071
OK that did it. It works now. Thanks for the tip off with GRE and the router settings. I guess every router kinda has their own way to do it.

0
 

Author Comment

by:jmolhava
ID: 18885092
One more thought in case anyone else has this same router:
D-Link DI-614+
See the knowledge base on their website and look at the PPTP VPN connection instructions. The GRE entry will show up only if you add the PPTP 1723 entry in 'Virtual Server'. I also had to reset the router in order for it to take effect (apply was not enough).

http://support.dlink.com/SupportFAQ/default.asp?model=DI%2D614%2B
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 18885511
That's often the case - the less advanced routers are probably preconfigured to do it for you. At least it works now!
0

Featured Post

Manage your data center from practically anywhere

The KN8164V features HD resolution of 1920 x 1200, FIPS 140-2 with level 1 security standards and virtual media transmissions at twice the speed. Built for reliability, the KN series provides local console and remote over IP access, ensuring 24/7 availability to all servers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Telepresence on backup 3 34
Multiple Open Excel Spreadsheets 12 58
VPN Ports 8 33
domian network access 5 23
I work for a company that primarily works with small businesses as their outsourced IT vendor. As such the majority of these customers utilize some version of Small Business Server. Due to the economics of running a small business, many of these cus…
OpenVPN is a great open source VPN server that is capable of providing quick and easy VPN access to your network on the cheap.  By default the software is configured to allow open access to your network.  But what if you want to restrict users to on…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question